Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Two issues with images being delivered via ProxyExternal #887

Closed
Zero3K opened this issue Jan 30, 2023 · 8 comments
Closed

Two issues with images being delivered via ProxyExternal #887

Zero3K opened this issue Jan 30, 2023 · 8 comments
Labels
workaround

Comments

@Zero3K
Copy link

Zero3K commented Jan 30, 2023

I have two issues with images being delivered via ProxyExternal. One of them is with the Google Logo Image being stretched and the other is with the Twitch Logo Image not showing. Here are screenshots of the issues.

Google Logo Issue
Twitch Logo Issue
@Zero3K
Copy link
Author

Zero3K commented Jan 30, 2023

The Google one should be fixed once 3b43a8b is in a release version.

@the-djmaze
Copy link
Owner

Can you inspect the request in the browser developer window?

@Zero3K
Copy link
Author

Zero3K commented Jan 31, 2023

General:

/Request URL: https://openmbox.net/snappy/?/ProxyExternal/aHR0cHM6Ly9zdGF0aWMtY2RuLmp0dm53Lm5ldC9ncm93dGgtYXNzZXRzL2VtYWlsX3R3aXRjaF9sb2dvX3V2
Request Method: GET
Status Code: 404
Remote Address: 104.21.73.246:443
Referrer Policy: no-referrer
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7922f35d7d73fd8a-ORD
content-encoding: br
content-security-policy: base-uri 'self'; default-src 'self'; script-src 'self' 'unsafe-eval'; img-src 'self' data: https: http:; style-src 'self' 'unsafe-inline'
content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 13:56:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer

Response Headers:

report-to: {"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v3?s=%2Fy2wyBBbod1UfMnJzzx5Ez2Owe%2BQGURtRCEKdo6XHURW75dMNXJ2v%2FvE0Wjmm5UcpR5cbeiedqJa53S9UiVkE6Ojk4xRe%2Bji807BH1Ry%2FzE4AYTXWdEKVe6akvCvCfs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
x-content-location: https://static-cdn.jtvnw.net/growth-assets/email_twitch_logo_uv
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Request Headers:

:authority: openmbox.net
:method: GET
:path: /snappy/?/ProxyExternal/aHR0cHM6Ly9zdGF0aWMtY2RuLmp0dm53Lm5ldC9ncm93dGgtYXNzZXRzL2VtYWlsX3R3aXRjaF9sb2dvX3V2
:scheme: https
accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: smtoken=5a0d00eb04d4142694c266215e6b86cee2717ac2; smremember=c29kaXVt.xTWRLsR1NmGp6-JRsv9VNpiOJH5qsmjq.tbiP6I_vCTrJRPULcdjJV0T_4C700-rbJC4zIwh3CUkZIMQPvgJWVhD1KLHBIe4SEE9yUlqYLzs7Tdabor_u-hJVJ7Y0-rWrjXOOoNlPmP7BqZw16zOAdNhIGCpD9UXTw3Z6vvoeQYFaSQoiVw8CqDMT_IQd6aOH6kJfRksU6vRLRA; smsession=4cdabe30691a170b07b1841c3b75cb6e1364ffe1; smaccount=WyJjMjlrYVhWdCIsIkF1OE9wQzZKSDFNVWhXc0s2WFVVYWVhRGd3SkVpSzFQIiwicVIrbFBjd1VcL0F1bmRkaVZCeFg5c1RncUtPUGRPRDE5S1JEcURUbzlOUjV0THRWNW9EdjRVRUZHMTdnTFRrRUoyUGNvZVZCeUV4Q1BkVEpSRXBwOTQwR3dFbFJLQ1lLM1Y4aVl6bnY4QlF0VUZcL2lHd2E4ZXJXQ1hzTUxKN2dVPSJd
sec-ch-ua: "Not_A Brand";v="99", "Microsoft Edge";v="109", "Chromium";v="109"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Edg/109.0.1518.70

@the-djmaze
Copy link
Owner

https://static-cdn.jtvnw.net/growth-assets/email_twitch_logo_uv
Response with:

HTTP/2 200 OK
content-type: binary/octet-stream

But it should be content-type: image/png
SnappyMail denies all that are not image/

@Zero3K
Copy link
Author

Zero3K commented Jan 31, 2023

General:

Request URL: https://openmbox.net/snappy/?/ProxyExternal/aHR0cDovL3Ryay5zZW5kZXIueGhhbXN0ZXJsaXZlLmNvbS8wMEFlMDkyL3IxVm00NV9NYXoyYjk1aXRYd0NocVpJbFBOcG1yakdiNi1ZWlJYeFZIdVd3Ujl2MnFDT0RweFVCR1k5Y0FCVUlDWFZEWkJxVlNFaUFOaHI2MWZWS1NKYjJuQUh0Vk5vbDNNMzRRdlo4VnRVTGt1U3RZSFh6aWRTb1gtUkxKMUo4Y2FxZkloYkFQOURoLXVQcTNTQ25jWEZnLUxMS0Y0dkMyNUloNi1zNUhnNTlucWVOWE5FUlpDZ2hOWmdLQk95TDA5RUdwSjNJcHN4SElSaVg0UGNlc25PeVpXM181d2VBNS1iczV6UmtQTXNNTDFuSzNBa0poamxKY1RpamsyT2ZteUF4OEFhQjIyMA
Request Method: GET
Status Code: 404
Remote Address: 172.67.151.94:443
Referrer Policy: no-referrer

Response Headers:

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 792377c1ec561401-ORD
content-encoding: br
content-security-policy: base-uri 'self'; default-src 'self'; script-src 'self' 'unsafe-eval'; img-src 'self' data: https: http:; style-src 'self' 'unsafe-inline'
content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 15:26:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v3?s=zn%2BkEgP0NVWbUuOJXjLnoUrkuKmE2I4ubDoPad9jlKmJZnuw%2FU%2FR0l6De%2FbQFPQ3kzltIOCpLph5GK4sFTnYGXeK7yUwzIIFlEp3m%2B53GyAtoHbEcfCSj%2FRtt%2FiCZ4w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
x-content-location: http://trk.sender.xhamsterlive.com/00Ae092/r1Vm45_Maz2b95itXwChqZIlPNpmrjGb6-YZRXxVHuWwR9v2qCODpxUBGY9cABUICXVDZBqVSEiANhr61fVKSJb2nAHtVNol3M34QvZ8VtULkuStYHXzidSoX-RLJ1J8caqfIhbAP9Dh-uPq3SCncXFg-LLKF4vC25Ih6-s5Hg59nqeNXNERZCghNZgKBOyL09EGpJ3IpsxHIRiX4PcesnOyZW3_5weA5-bs5zRkPMsML1nK3AkJhjlJcTijk2OfmyAx8AaB220
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Request Headers:

:authority: openmbox.net
:method: GET
:path: /snappy/?/ProxyExternal/aHR0cDovL3Ryay5zZW5kZXIueGhhbXN0ZXJsaXZlLmNvbS8wMEFlMDkyL3IxVm00NV9NYXoyYjk1aXRYd0NocVpJbFBOcG1yakdiNi1ZWlJYeFZIdVd3Ujl2MnFDT0RweFVCR1k5Y0FCVUlDWFZEWkJxVlNFaUFOaHI2MWZWS1NKYjJuQUh0Vk5vbDNNMzRRdlo4VnRVTGt1U3RZSFh6aWRTb1gtUkxKMUo4Y2FxZkloYkFQOURoLXVQcTNTQ25jWEZnLUxMS0Y0dkMyNUloNi1zNUhnNTlucWVOWE5FUlpDZ2hOWmdLQk95TDA5RUdwSjNJcHN4SElSaVg0UGNlc25PeVpXM181d2VBNS1iczV6UmtQTXNNTDFuSzNBa0poamxKY1RpamsyT2ZteUF4OEFhQjIyMA
:scheme: https
accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: smtoken=5a0d00eb04d4142694c266215e6b86cee2717ac2; smremember=c29kaXVt.xTWRLsR1NmGp6-JRsv9VNpiOJH5qsmjq.tbiP6I_vCTrJRPULcdjJV0T_4C700-rbJC4zIwh3CUkZIMQPvgJWVhD1KLHBIe4SEE9yUlqYLzs7Tdabor_u-hJVJ7Y0-rWrjXOOoNlPmP7BqZw16zOAdNhIGCpD9UXTw3Z6vvoeQYFaSQoiVw8CqDMT_IQd6aOH6kJfRksU6vRLRA; smsession=4cdabe30691a170b07b1841c3b75cb6e1364ffe1; smaccount=WyJjMjlrYVhWdCIsIkF1OE9wQzZKSDFNVWhXc0s2WFVVYWVhRGd3SkVpSzFQIiwicVIrbFBjd1VcL0F1bmRkaVZCeFg5c1RncUtPUGRPRDE5S1JEcURUbzlOUjV0THRWNW9EdjRVRUZHMTdnTFRrRUoyUGNvZVZCeUV4Q1BkVEpSRXBwOTQwR3dFbFJLQ1lLM1Y4aVl6bnY4QlF0VUZcL2lHd2E4ZXJXQ1hzTUxKN2dVPSJd
sec-ch-ua: "Not_A Brand";v="99", "Microsoft Edge";v="109", "Chromium";v="109"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Edg/109.0.1518.70

@Zero3K
Copy link
Author

Zero3K commented Jan 31, 2023
edited

Maybe https://stackoverflow.com/a/25203607/8067355 can help.

@Zero3K
Copy link
Author

Zero3K commented Jan 31, 2023
edited

What does the mentioned commit do?

@the-djmaze
Copy link
Owner

  1. It logs errors to the X-Content-Error header (for hosting out of your control)
  2. It reads the first 265 bytes from response to find the mime-type (else use the one received)
  3. then passthru the whole file if mime starts with image/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
workaround
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@the-djmaze @Zero3K